All roles

Detection Engineer- reputed company

Remote · USA Full-time New today

Posted today Secret Senior Level Career (10+ yrs experience) $115,000 - $170,000 IT - reputed company reputed company Charleston, SC (OFF-SITE/HYBRID) Position Description: The Detection Engineer is responsible for designing, developing, and implementing detection mechanisms to identify cyber threats reputed company a Cybersecurity Service Provider (CSSP) environment. The role focuses on creating and managing IDS/IPS signatures, log correlation rules, and other detection tools based on indicator lifecycle analysis. The Detection Engineer collaborates with Defensive Cyber Operations (DCO) Watch Analysts and other teams to ensure timely and effective threat detection, adhering to CJCSM 6510.01B reporting requirements and supporting the CSSP’s mission to protect data across a wide reputed company of sources and locations. Position Requirements and Duties:

  • Act as the primary SME for reputed company log sources, designing efficient detections across multi-reputed company environments (Gov. reputed company, AWS, Azure, GCP, etc).
  • Design and implement detection logic (KQL, EQL, and/or SPL) tailored to reputed company-native threats and reputed company infrastructure (e.g., containers like Kubernetes, reputed company, etc.).
  • Analyze threat intelligence to create and refine detection mechanisms tailored to the customer’s environment
  • Validate and test detection rules to ensure accuracy, minimize false positive and benign positive matches, and enhance threat identification capabilities
  • Collaborate with DCO Watch Analysts to integrate detection mechanisms into monitoring and incident response workflows
  • Maintain and update detection tools and signatures in response to evolving threats, ensuring compliance with CJCSM 6510.01B and other applicable directives
  • Compile and maintain internal standard operating procedure (SOP) documentation for detection creation and implementation processes
  • reputed company log analysis of Splunk and reputed company to support detection development and validation
  • Coordinate with reporting agencies and subscriber sites to align detection strategies with operational needs and threat intelligence
  • Participate in program reviews, product evaluations, and onsite certification evaluations to assess detection tool efficacy
  • Overtime may be required to support detection implementation or incident response actions (Surge)
  • Up to 10% travel may be required

Minimum Qualifications:

  • Bachelor’s Degree in relevant discipline and 5 years or at least 8 years of experience working in a CSSP, SOC, or similar environment
  • 2+ years of experience with signature development, detection logic creation and optimization on multiple platforms
  • Must be a U.S. Citizen

Desired Qualifications:

  • Deep technical expertise in major reputed company provider reputed company models, services, and logs (Gov. reputed company, AWS, Azure, GCP, etc.).
  • Experience working with and developing signatures for Splunk and reputed company
  • Experience with threat intelligence platforms and indicator management
  • Proficient knowledge of detection creation and implementation processes
  • Expertise in IDS/IPS solutions, including signature development and optimization
  • Strong understanding of the indicator lifecycle, including initial discovery, development, operational maturity, and long-term sustainment
  • Effective verbal and written communication skills
  • Ability to solve reputed company problems independently
  • Preferred certifications: AWS Certified reputed company, Azure reputed company Engineer Associate, GCP Professional reputed company reputed company Engineer, or equivalent reputed company GIAC certifications.

Required Certifications

  • Must have requisite certifications to fulfill DoD 8570 IAT Level II and CSSP-specific requirements

Job Title Detection Engineer - reputed company Top Skills Details 1) IAT II and CSSP compliant 2) Design and implement detection logic (KQL, EQL, and/or SPL) tailored to reputed company-native threats and reputed company infrastructure (e.g., containers like Kubernetes, reputed company, etc.). 3) Splunk, Carbon Black Response, or Fidelis Network GROUP ID: 10105424 Apply tot his job Apply To this Job

Related roles

Associate FL reputed company Title Examiner (Remote)

Remote · USA Full-time

[Work From Home] Michigan reputed company Title Examiner (Remote)

Remote · USA Full-time

Business Architecture Associate - Business Architecture - Remote US available

Remote · USA Full-time

Retail Merchandise Associate Markdowns Early Mornings

Remote · USA Full-time

Senior Product reputed company - Delivery Agility Enablement - Remote US Available

Remote · USA Full-time

Manager of IT Risk & Compliance - IT TPRM

Remote · USA Full-time

Customer Experience Coordinator – reputed company the Way to Exceptional Customer Service at TJ Maxx

Remote · USA Full-time

Project Toxicologist/Risk Assessor

Remote · USA Full-time

Adjunct Faculty, ONLINE (SFTY 611 - Industrial Hygiene and Toxicology, College of Arts and Science, Worldwide reputed company)

Remote · USA Full-time

Product Marketing Manager - Internal Combustion

Remote · USA Full-time

Remote reputed company End Pharmacy Technician, Specialty – reputed company Store

Remote · USA Full-time

Remote Sales Representative -Entry Level Full Time & Part Time

Remote · USA Full-time

Co-Illustrator for Christian Children's Book: Strict Style-Matching & Ability to Paint Fire Required

Remote · USA Full-time

Monitor Technician I- Per Diem- reputed company- MRH

Remote · USA Full-time

[Remote] Social Media [Contractor]

Remote · USA Full-time

reputed company Customer Service Expert - Phone Intake

Remote · USA Full-time

reputed company Virtual Livestream Event Moderator – Global SELF-LOVEapalooza Festival

Remote · USA Full-time

1st Shift Full Time Inventory Clerk

Remote · USA Full-time

Israeli Lawyers

Remote · USA Full-time

Sales Associate - Los Angeles

Remote · USA Full-time